DETAILED ACTION



1. Claims 1-18 are pending for examination.

2. Claims 1-18 are rejected.



Specification 



3. The disclosure is objected to because of the following informalities: The attempt to 
incorporate subject matter into this application by reference to US patent applications only by a 
title (i.e., page 1, lines 9-11, "Method and Apparatus for Efficiently Initializing Secure 
Communications Among Wireless Devices", and other locations) is improper because reference 
to said documents is incomplete without more specific identification (i.e., actual US patent
application numbers).



Claim Objections

4. Claims 1, 7, 13 are objected to because of the following informalities: "a server" is
recited as "a a server". Appropriate correction is required.

Claims 5, 11, 17 are objected to because of the following informalities: "transmitting
said device " is recited as "transmitting said said device ". Appropriate correction is required.

Claim 6 is objected to because of the following informalities: "as claimed in claim 5" is
recited as "as claimed in claim 6". The examiner assumes that for the purpose of applying art
that the applicant is referring to "claim 5". Appropriate correction is required.

Claim Rejections - 35 USC § 101



35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 



5. Claims 13-18 are rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non-statutory subject matter. These claims either recite non-statutory subject matter as they 
either recite a computer comprising instructions or are disclosed as software alone. Claims 
including a computer readable medium avoid a rejection under this code, and for the purpose of 
applying art such a computer readable medium embodiment is assumed. 



Claim Rejections - 35 USC § 112

The following is a quotation of the second paragraph of 35 U.S.C. 112:

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the
subject matter which the applicant regards as his invention.

6. Claims 13-18 recite the limitation "embedded radio module, said method comprising: "
in claims 13-18. There is insufficient antecedent basis for this limitation in the claim in that the
preamble recites "A program for initializing...". Claims 13-18 are rejected.



Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless -

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

7. Claims 1-3, 5-9, 11-15, 17-18 are rejected under 35 U.S.C. 102(b) as being anticipated
by Debry, U.S. Patent 6,314,521 B1.

8. As per claim 1 ; " A method for initializing [see Debry, col. 6, lines 4-7] a first device 
distributed with an embedded radio module using a server, said server having an embedded radio 
[col. 6, lines 16-17, col. 7, lines 20-24] module, said method comprising the steps of; sending an 
inquiry [col. 6, lines 33-35, the inquiry as part of the establishment of the HTTP session (i.e.,
SSL mutual authentication handshaking)], where from said server to said first device using said 
embedded radio modules; returning [col. 6, lines 36-43], from said first device, a unique device 
identifier [col. 6, lines 19-27,40-41, col. 8, lines 17-25] of said first device, to said server; 
creating, at said server, a public key, private key pair [col. 6, lines 56-60] for said first device; 
creating, at said server, a device certificate [col. 6, lines 12-18, col. 9, lines 15-23] for said first
device, said device certificate having a unique hardware identifier associated with said first 
device and a public key associated with said first device; transmitting [col. 6, lines 52-64] said 
private key, and said device certificate [col. 7, lines 25-26], and a public key of a Certificate 
Authority [col. 6, lines 10-11, col. 8, lines 26-28, 38-44] which signed said device certificate, to 
said first device; and, storing said private key in non-removable protected storage [col. 6, lines 
28-32, 66-67] at said first device." ; 

And further as per claim 7 ; "A system [This claim is the apparatus of the method claim 
1, and is rejected for the same reasons provided for the claim 1 rejection above] for initializing a 
first device distributed with an embedded radio module using a server, said server having an 
embedded radio module, said system comprising: a communications mechanism for sending an
inquiry from said server to said first device using said embedded radio modules, and returning, 
from said first device, a unique device identifier of said first device, to said server; a processor at 
said server for creating a public key, private key pair for said first device; a device certificate, 
created at said server, for said first device, said device certificate having a unique hardware 
identifier associated with said first device and a public key associated with said first device; 
wherein said communications mechanism transmits said private key, and said device certificate, 
and a public key of a Certificate Authority which signed said device certificate, to said first 
device; and, said processor stores said private key in non-removable protected storage at said 
first device."; 

And further as per claim 13 ; "A program [This claim is the software embodiment of the 
method claim 1, and is rejected for the same reasons provided for the claim 1 rejection above] for 
initializing a first device distributed with an embedded radio module using a server, said server 
having an embedded radio module, said method comprising: computer program code means of 
sending an inquiry from said server to said first device using said embedded radio modules; 
computer program code means of returning, from said first device, a unique device identifier of
said first device, to said server; computer program code means of creating, at said server, a 
public key, private key pair for said first device; computer program code means of creating, at 
said server, a device certificate for said first device, said device certificate having a unique 
hardware identifier associated with said first device and a public key associated with said first 
device; computer program code means of transmitting said private key, and said device 
certificate, and a public key of a Certificate Authority which signed said device certificate, to 
said first device; and, computer program code means of storing said private key in
non-removable protected storage at said first device. " ;

9. As per claim 5 ; "A method for initializing [see Debry, col. 6, lines 4-7] a first device 
distributed with an embedded radio [col. 6, lines 16-17, col. 7, lines 20-24] module using a 
server, said server having an embedded radio module, said method comprising the steps of: 
sending an inquiry [col. 6, lines 33-35, the inquiry as part of the establishment of the HTTP
session (i.e., SSL mutual authentication handshaking)] from said server to said first device using
said embedded radio modules; creating [col. 6, lines 19-27,40-41, col. 8, lines 17-25], at said 
first device, a public key, private key pair for said first device; storing [col. 6, lines 28-32, 66- 
67], at said first device, said private key in non-removable protected storage; returning [col. 6, 
lines 36-43], from said first device, a unique device identifier and said public key of said first 
device, to said server; creating, at said server, a device certificate [col. 6, lines 12-18, col. 9, lines 
15-23] for said first device, said device certificate having said device identifier and said public
key; and transmitting [col. 6, lines 52-64] said device certificate and a public key of a Certificate
Authority [col. 6, lines 10-11, col. 8, lines 26-28, 38-44] which signed said device certificate to
said first device." [col. 10, lines 1-60, figure 11, '...the other configuration data determines 
which request headers will be passed to the Transaction Gateway Client. Some options include 
authentication data, URI, document root, and Web Browser IP address ... ']; 

And further as per claim 11 ; "An initialization system [This claim is the apparatus of the
method claim 1, and is rejected for the same reasons provided for the claim 1 rejection above], 
said system comprising: a first device, said first device having an embedded radio module; a 
server, said server having an embedded radio module; a communications mechanism, said 
communications mechanism sending an inquiry from said server to said first device using said
embedded radio modules; wherein said first device creates a public key, private key pair for said 
first device, stores said private key in non-removable protected storage, and returns a unique 
device identifier and said public key of said first device, to said server; said server creates a 
device certificate for said first device, said device certificate having said device identifier and 
said public key; and transmits said device certificate and a public key of a Certificate Authority 
which signed said device certificate to said first device."; 

And further as per claim 17 ; "A program [This claim is the software embodiment of the 
method claim 1, and is rejected for the same reasons provided for the claim 1 rejection above] for 
initializing a first device distributed with an embedded radio module using a server, said server 
having an embedded radio module, said method comprising: computer program code means of 
sending an inquiry from said server to said first device using said embedded radio modules;
computer program code means of creating, at said first device, a public key, private key pair for 
said first device; computer program code means of storing, at said first device, said private key in 
non-removable protected storage; computer program code means of returning, from said first 
device, a unique device identifier and said public key of said first device, to said server; 
computer program code means of creating, at said server, a device certificate for said first device, 
said device certificate having said device identifier and said public key; and transmitting said 
device certificate and a public key of a Certificate Authority which signed said device certificate 
to said first device."; 

10. Claim 2 additionally recites the limitations that "method as claimed in claim 1 wherein 
said protected storage is write-only storage able to perform computations involving previously 
written data." The teachings of Debry (col. 6, lines 66-67) suggest such limitations (i.e.,
non-volatile memory);

And further, claim 8 additionally recites the limitations that "A system as claimed in 
claim 7 wherein said protected storage is write-only storage able to perform computations 
involving previously written data. " [This claim is the apparatus of the method claim 2, and is 
rejected for the same reasons provided for the claim 2 rejection above] ; 

And further, claim 14 additionally recites the limitations that "A program as claimed in 
claim 13 wherein said protected storage is write-only storage able to perform computations 
involving previously written data. " [This claim is the software embodiment of the method claim 
2, and is rejected for the same reasons provided for the claim 2 rejection above]; 
11. Claim 3 additionally recites the limitations that "A method as claimed in claim 1 wherein 
a copy of said certificate is stored in an enterprise database". The teachings of Debry (col. 6,
lines 24-26, 61-64) suggest such limitations (i.e., IBM Corp. wide database is clearly an 
enterprise database); 

And further, claim 9 additionally recites the limitations that "A system as claimed in 
claim 7 wherein a copy of said certificate is stored in an enterprise database. " [This claim is the 
apparatus of the method claim 3, and is rejected for the same reasons provided for the claim 3 
rejection above]; 

And further, claim 15 additionally recites the limitations that "A program as claimed in 
claim 13 wherein a copy of said certificate is stored in an enterprise database. " [This claim is the 
software embodiment of the method claim 3, and is rejected for the same reasons provided for 
the claim 3 rejection above]; 
12. Claim 6 additionally recites the limitations that "A method as claimed in claim 5 wherein
said protected storage is a write-only storage able to perform computations involving previously 
written data." . The teachings of Debry (col. 6, lines 66-67) suggest such limitations (i.e., non- 
volatile memory); 

And further, claim 12 additionally recites the limitations that "A system as claimed in 
claim 11 wherein said protected storage is a write-only storage able to perform computations
involving previously written data." [This claim is the apparatus of the method claim 6, and is 
rejected for the same reasons provided for the claim 6 rejection above]; 

And further, claim 18 additionally recites the limitations that "A program as claimed in 
claim 17 wherein said protected storage is a write-only storage able to perform computations 
involving previously written data." [This claim is the software embodiment of the method claim 
6, and is rejected for the same reasons provided for the claim 6 rejection above]; 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 4, 10, 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Debry, 
U.S. Patent 6,314,521 B1, and further in view of Netscape ("Netscape") Communications Corp.,
"Netscape Certificate Server FAQ", 1997. 
13. As per claim 4 ; "A method as claimed in claim 1 wherein a copy of said certificate is
stored in an LDAP directory." . 

Debry teaches of the certificate based initialization / authentication of a first device 
associated with a network server / certificate authority in an enterprise (i.e., IBM) environment. 

Debry fails to teach of the certificate storage being in an LDAP directory. 

Netscape teaches of using the Netscape Certificate Server v1.0 for managing (clearly
including storage) PKI based digital certificates in an enterprise-wide security infrastructure
scaled to the internet, using open standards including LDAP directory support (2nd section, 1st
and 3rd bullets).

It would have been obvious to a person of ordinary skill in the art at the time of the 
invention to have been motivated to combine the Debry certificate based initialization / 
authentication of a first device associated with a network server / certificate authority in an 
enterprise environment invention with the Netscape Certificate Server v1.0 for managing PKI
based digital certificates in an enterprise-wide security infrastructure, using LDAP directory 
support to allow for the Open Standards support for PKI based security (i.e., SSL, X.509 
directory services, etc.) that is required in such large networks such as the internet (Netscape, 
entire document). 

And further, claim 10 additionally recites the limitations that "A system as claimed in 
claim 7 wherein a copy of said certificate is stored in an LDAP directory." [This claim is the 
apparatus of the method claim 4, and is rejected for the same reasons provided for the claim 4 
rejection above]; 
And further, claim 16 additionally recites the limitations that "A program as claimed in
claim 13 wherein a copy of said certificate is stored in an LDAP directory." [This claim is the 
software embodiment of the method claim 4, and is rejected for the same reasons provided for 
the claim 4 rejection above]; 

Conclusion 

14. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

1. Traw et al U.S. Patent 5,949,877 

2. Traw et al U.S. Patent 6,542,610 

3. Weber et al U.S. Patent 6,178,409 

4. Ramasubramani et al. U.S. Patent 6,233,577 

15. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Ronald Baum, whose telephone number is (703) 305-4276. The examiner 
can normally be reached Monday through Friday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (703) 305-9648. The Fax numbers for the 
organization where this application is assigned are: 
After-final (703) 746-7238 

Official (703) 746-7239 

Non-Official/Draft (703) 746-7246 